cognito_token_verifier 0.1.0 → 0.2.0

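--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: b62edbc24a15d7e43934a4ffcb641370e503084caffbac662da565528b3621f4
- data.tar.gz: 4d562bee7ee8130d082c3f24530a1e62f235c03e176733bdd7b17d7cf7deca09
+ metadata.gz: 02ef1ab0355a54f560d05129aa92616d8545ce11e2535787e9444ca8241e4119
+ data.tar.gz: 34ce55f919bf09784375ad764031eb4f724258e50dc18fcc777a9428ca601d27
  SHA512:
- metadata.gz: 000d7d04865954163674f2970163cd411fae1a8bbd83cf7f2dd5feeac00f5674367fd07621e135a44c59a2687115092405834ae42a9d5cad5bbbf7353a62a5bf
- data.tar.gz: e1c17ca0365937f4bad00d395283f9d8f74fc58342cda151a23597c34925d1f058ed2f23ecad157b26a028854225275b4dd5b3b7d4646facf5184a7f280ca972
+ metadata.gz: ea02cd0a5f932fe6e41e4ff23baa33df6219887022a44dd2e0ad4bc4a291b962a0867035e9358f7c9f9556764859ab318a61abf0b5d4147968c2171a0ee1f5e2
+ data.tar.gz: be564bb2c4ef81f015b458e44b033f11d807c7b3cb3b9c960f16c4982dd2090b28e865d0d9c2a9a8a7bd9eaafebeb07f26f84c06f415545846f35ba6f465f4e9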
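--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,9 @@
+ # CHANGELOG.md
+
+ ## 0.2.0 (2019-02-21)
+
+ - Improvements to handling errors fetching JWKs and decoding Cognito JWTs
+
+ ## 0.1.0 (2019-02-20)
+
+ - Initial release of Cognito token verification gem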
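--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- cognito_token_verifier (0.1.0)
+ cognito_token_verifier (0.2.0)
  activesupport (>= 4.2, < 6.0)
  json-jwt (~> 1.1)
  rest-client (~> 2.0)
@@ -107,7 +107,7 @@ PLATFORMS
  DEPENDENCIES
  actionpack (>= 4.2, < 6.0)
  bundler (~> 2.0)
- byebug
+ byebug (~> 11.0)
  cognito_token_verifier!
  rake (>= 10.0, < 13.0)
  rspec-rails (~> 3.0)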
@@ -12,6 +12,7 @@ Gem::Specification.new do |spec|
12
12
  spec.summary = %q{Verify and parse AWS Cognito JWTs to authenticate endpoints}
13
13
  spec.homepage = "https://github.com/CodingAnarchy/cognito_token_verifier"
14
14
  spec.license = "MIT"
15
+ spec.required_ruby_version = ">= 2.3.8"
15
16
 
16
17
  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
17
18
  # to allow pushing to a single host or delete this section to allow pushing to any host.
@@ -20,9 +20,12 @@ module CognitoTokenVerifier
20
20
  end
21
21
 
22
22
  def jwks
23
- raise ConfigSetupError.new(self) unless aws_region.present? and user_pool_id.present?
24
- @jwks ||= JSON.parse(RestClient.get(jwk_url))
25
- # TODO: rescue RestClient and JSON errors here to present a more user-friendly error
23
+ begin
24
+ raise ConfigSetupError.new(self) unless aws_region.present? and user_pool_id.present?
25
+ @jwks ||= JSON.parse(RestClient.get(jwk_url))
26
+ rescue RestClient::Exception, JSON::JSONError => e
27
+ raise JWKFetchError
28
+ end
26
29
  end
27
30
 
28
31
  def iss
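Review bot: The new `rescue RestClient::Exception, JSON::JSONError => e` in `jwks` does not cover every way the fetch can fail: connection-level errors such as `SocketError` (DNS failure) or `Errno::ECONNREFUSED` are, as far as I know, not wrapped by rest-client 2.x and would still escape as raw exceptions. Consider `rescue RestClient::Exception, JSON::JSONError, SocketError, SystemCallError` and drop the unused `=> e`, since Ruby already attaches the original exception as `cause`. Separately, `@jwks ||= JSON.parse(...)` memoizes whatever valid JSON comes back, so a body without a `"keys"` array would be cached for the life of the process and every later key lookup would fail on it; checking that the parsed document has a `"keys"` array before assigning would turn that case into a `JWKFetchError` as well. The memoized set is also never refreshed, so a signing-key rotation in the user pool is only picked up on restart, which deserves a comment if it is intended.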
@@ -12,11 +12,23 @@ module CognitoTokenVerifier
12
12
  end
13
13
  end
14
14
 
15
+ class JWKFetchError < StandardError
16
+ def message
17
+ "Error fetching JWKs for your Cognito user pool. Please verify your configuration of the CognitoTokenVerifier gem."
18
+ end
19
+ end
20
+
15
21
  class TokenMissing < CognitoTokenVerifier::Error
16
22
  def message
17
23
  "Cognito token not provided. Please retransmit request with Cognito token in authorization header."
18
24
  end
19
25
  end
26
+
27
+ class TokenDecodingError < CognitoTokenVerifier::Error
28
+ def message
29
+ "Cognito token could not be decoded. Please ensure the request token is from the correct Cognito user pool and try again."
30
+ end
31
+ end
20
32
 
21
33
  class TokenExpired < StandardError
22
34
  def message
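Review bot: `JWKFetchError` is declared as `< StandardError`, while the `TokenDecodingError` added in the same hunk and the existing `TokenMissing` derive from `CognitoTokenVerifier::Error`, so a caller that rescues `CognitoTokenVerifier::Error` to turn verifier failures into a controlled response will not catch a JWK fetch failure. If the split is deliberate (a fetch failure is a server-side fault rather than a rejected token), a comment above the class such as `# Not a CognitoTokenVerifier::Error: server-side/config fault, not a rejected token` would record it; otherwise `class JWKFetchError < CognitoTokenVerifier::Error` keeps the hierarchy uniform. The definition of `CognitoTokenVerifier::Error` and the rest of `TokenExpired` lie outside the hunk, so whether the base class expects constructor arguments cannot be confirmed from here.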
@@ -5,10 +5,13 @@ module CognitoTokenVerifier
5
5
  attr_reader :header, :decoded_token
6
6
 
7
7
  def initialize(jwt)
8
- @header= JSON.parse(Base64.decode64(jwt.split('.')[0]))
9
- @jwk = JSON::JWK.new(CognitoTokenVerifier.config.jwks["keys"].detect{|jwk| jwk['kid'] == header['kid']})
10
- @decoded_token = JSON::JWT.decode(jwt, @jwk)
11
- # TODO: rescue errors for JSON/JWK/JWT parsing/decoding to present user-friendly "token could not be decoded" error
8
+ begin
9
+ @header= JSON.parse(Base64.decode64(jwt.split('.')[0]))
10
+ @jwk = JSON::JWK.new(CognitoTokenVerifier.config.jwks["keys"].detect{|jwk| jwk['kid'] == header['kid']})
11
+ @decoded_token = JSON::JWT.decode(jwt, @jwk)
12
+ rescue JSON::JWS::VerificationFailed, JSON::JSONError => e
13
+ raise TokenDecodingError
14
+ end
12
15
  end
13
16
 
14
17
  def expired?
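Review bot: The rescue list in `initialize` (`JSON::JWS::VerificationFailed, JSON::JSONError`) misses several failure paths that untrusted input can reach, so a bad token can still surface as an unhandled exception instead of `TokenDecodingError`. When no key in the JWK set matches the header's `kid`, `detect` returns nil and that nil is passed straight to `JSON::JWK.new`; a nil or empty `jwt` fails in `split`/`decode64`; and json-jwt's format errors (`JSON::JWT::InvalidFormat`, which as far as I recall shares the `JSON::JWT::Exception` base with `VerificationFailed`) are not listed. The header segment is also base64url-encoded, and `Base64.decode64` silently skips `-` and `_`, so `Base64.urlsafe_decode64` is the matching decoder. The sketch below rejects an unknown `kid` explicitly and widens the rescue; the rest of the class lies outside the hunk.

```ruby
def initialize(jwt)
  begin
    # JWT segments are base64url-encoded; the strict URL-safe decoder raises ArgumentError on junk.
    @header = JSON.parse(Base64.urlsafe_decode64(jwt.to_s.split('.').first.to_s))
    key_params = CognitoTokenVerifier.config.jwks["keys"].detect { |jwk| jwk['kid'] == header['kid'] }
    # No published key matches the token's kid: reject instead of handing nil to JSON::JWK.new.
    raise TokenDecodingError if key_params.nil?
    @jwk = JSON::JWK.new(key_params)
    @decoded_token = JSON::JWT.decode(jwt, @jwk)
  rescue JSON::JWT::Exception, JSON::JSONError, ArgumentError
    raise TokenDecodingError
  end
end
```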
@@ -1,3 +1,3 @@
1
1
  module CognitoTokenVerifier
2
- VERSION = "0.1.0"
2
+ VERSION = "0.2.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cognito_token_verifier
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Matt Tanous
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-02-20 00:00:00.000000000 Z
11
+ date: 2019-02-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -183,7 +183,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
183
183
  requirements:
184
184
  - - ">="
185
185
  - !ruby/object:Gem::Version
186
- version: '0'
186
+ version: 2.3.8
187
187
  required_rubygems_version: !ruby/object:Gem::Requirement
188
188
  requirements:
189
189
  - - ">="